Go to listing page

Cyware Daily Threat Intelligence February 19, 2019

Cyware Daily Threat Intelligence February 19, 2019

Share Blog Post

Top Breaches Reported in the Last 24 Hours

2.7 million health-related calls exposed
A server containing around 2.7 million health-related calls, was found completely exposed on the internet. The recorded conversations which date back to at least 2013, were made to the 1177 Swedish Healthcare Guide. Some of these calls had recorded Social Security numbers and telephone numbers of victims seeking health-related advice from 1177 Care Guide service. Following the discovery of the data leak, access to the unsecured server has been blocked. The leaked data is no longer available on the internet. 

Cyber-attack on Australian parliament
Australian parliament has suffered a sophisticated cyber-attack recently. Although the threat actors behind the attack are unknown, it is believed that the attack was primarily carried out to target major political parties. Threat actors are said to have made attempts to access the network systems of the parliament but were blocked before any confidential information could be accessed.

Top Malware Reported in the Last 24 Hours

GandCrab returns
Threat actors have discovered a new way to infect Managed Service Providers and their customers with the notorious GandCrab ransomware. They are exploiting an old flaw (CVE-2017-18362) existing in unpatched versions of the ConnectWise ManagedITSync integration plug-in tool to distribute the malware. Once installed, the ransomware locks up all the customers' endpoints, including servers and later demands a ransom.

Rietspoof malware
A new multi-stage malware named Rietspoof that is distributed via Skype or Facebook Messenger, has been discovered by security researchers. The malware is primarily designed to drop multiple payloads on the systems. It gains persistence over an infected system by placing an LNK (shortcut) file in the Windows /Startup folder.

New malware infiltration technique
Security researchers have come across a new malware infiltration technique that can enable attackers to execute malware on a victim's machine without the user actually opening the malicious Word Document file. This is possible when the user is previewing the file via 'Preview Pane' in Windows Explorer or Outlook. 


rietspoof malware
gandcrab ransomware
health related calls
1177 swedish healthcare guide

Posted on: February 19, 2019

More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.